What piece of software are you talking about ?

Azire in particular.

Azire what? They’re a Wireguard VPN provider with a web portal.

I guess same confusion as here: https://discuss.tchncs.de/comment/23696262

You give the impression that you are talking about the VPNs when you are actually talking about smartphone apps…?

What isn’t free software…?

I think you should make it clear if you are talking about VPN services or client-side apps here. If they provide normal standard protocols like Wireguard and OpenVPN, they can be used without having to install any provider-specific apps.

Regardless of provider it’s generally preferred to use third-party software to connect. VPN providers that don’t even have their own apps don’t qualify as good for you either?

Demanding the whole stack be FLOSS is a bit silly in this context. None of the ones you mentioned open-source most of their backend systems either AFAIK.

I think you should do your homework better before you speak so widely and absolutely dismissively with such claim of authority. It is not helpful.

Food for thought: By consistently following a strategy optimizing and picking the optimal product/service based on cost/benefit, you will end up on the same one as everyone else doing the same thing. From a practical perspective this leads to winner-takes-all and centralization. Whoever is the underdog today becomes the Google or Cloudflare of tomorrow and we’re back at square one. From a philosophical perspective, did you really make a choice? Or did “the market” (of which you are also part) decide on your behalf? A healthy market needs at least thousands of mail providers, not 5 or 10.

Obviously same thing goes for basing your pick on brand perception, picking the most popular or recommended one, but without the benefit of knowing you’ll actually get the better service.

Can free will exist among economically rational participants in a market? There can be some power in knowing you chose whatever you did based on factors other than cost-performance or popularity. Sometimes the optimal choice can be suboptimal.

And why not self-hosting your inbox? Hard to beat from privacy standpoint. It really doesn’t have to be as hard as they say. Even if you don’t go full homelab right away: Some providers are accommodating and make it easy to gradually or partially self-host by offering open standard protocols. Others make it really tricky and steer you hard into their app ecosystem. So how straightforward it is to use your own local third-party mail client is a good consideration even if you don’t intend to self-host anything else anytime soon.

I prefer my devices without any malware at all but you do you I guess.

you’re data is safe with small hackers

wat

Centralization and monoculture is a mistake.

In case it swings your judgement either way, Njalla is run by one of the three Piratebay founders.

Yes let’s make sure everyone’s on the exact same provider. What could possibly go wrong. “Just use X” bandwagonning is shortsighted and lazy.

Or factory reset and then don’t install SmartTube. Fool me once?

Would be cool to hear how it goes if you do!

One thing to keep in mind as new is that “VPN” is a technical term with pretty clear meaning among the technical people but it has a very fuzzy meaning in marketing and branding. Referring here to “VPN apps” that may just be a local DNS relay (ie: it will only tunnel and filter your DNS requests; all your actual traffic still goes through your normal connection as clear as always). Oftentimes, it’s what we would call a proxy. Android has not at all helped here.

In either case, yes, you can usually chain things. What if any benefits you get from that depends on both technical specifics (which protocols) and your circumstances and threat model.

For example, if we consider only Wireguard (one of the VPN protocols Mullvad offers).

No VPN/proxy: Your ISP sees everything

1 proxy: ISP sees that you are connecting to proxy but not what servers you’re actually talking to. VPN provider now sees everything instead.

2 proxies: Proxy A sees your encrypted traffic to Proxy B. Proxy B sees all your traffic but doesn’t know where you are.

3 proxies: Congratulations, you have manually built a shitty onion circuit (Tor works like this)

Mullvad has their own “multi-hop” feature which chains two Mullvad nodes but i have to question using that strictly for privacy reasons, considering it’s by the same provider and the ports make it predictable from the ISP.

What are you curious about with Dillo And Netsurf? Isn’t it safe to assume at this point they will both be 0 across the board for all the queries in the report?

I think we need a different testing protocol for them to be interesting to include. AFAIK they don’t have add-ons that could be interesting to test either? Do you have any suggestion for step(s) you think could be added to the test in order to make those meaningful to include? Or is my assumption about Dillo and Netsurf out of date?

Oh, thanks for reminding me of Trivalent, I realize now I’ve come across it before but totally slipped my mind. If/when testing for chromium in place I think this can be interesting to sample next.

Assuming you mean the Mullvad extension (which is installed by default in MB) and not the Mullvad VPN app (which also exists but never came close to these machines) :)

That will indeed likely make a difference on Mullvad Browser numbers. However for now I’m not changing the “keep addons at stock defaults” invariant or the test matrix might get really out of hand… Should we disable uBlock Origin in LibreWolf? How about uBO or NoSccript in Mullvad then? Konform Browser loads uBO but only if its apt package is installed; should we do that? What happens when we try to explicitly opt out of everything under Preferences in Firefox? I guess the last one is something to actually consider but for now not touching the addons.

(Would be super cool if anyone else tries this out and reports back though! The compose should hopefully be straight forward and easy to get started with if you are on Linux and have podman available. The report mentions it TL;DR we had to work around the oBO install in LW not properly utilizing the proxy (?) like this and I think same approach could be used to Uninstall Mullvad extension from Mullvad Browser and prevent it from even loading)

Disclaimer: Am konform dev so shouldn’t be a surprise that it’s working well for ourselves I guess. Eager to hear to what extent it’s overfitted for our usage or really as great as I think it is ;)

BTW if you, dear reader, think queries in report of results are cherry-picked in a way that favors it (I don’t think they are but hey, fair), I’m also eagerly accepting input and especially PRs for queries (still have the raw dumps so I can add this quickly) or steps to test procedure (this means I have to rerun all of them so might take longer to update) that could illustrate different tradeoffs and show a more complete picture. Bring it on <3

Daily-driving it now. I think it’s great. If you’re somewhat familiar with the landscape otherwise I think readme explains how it’s different and why. If you don’t mind losing out on some "safety"¹ and latest upstream features² for the sake of a more stable and predictable base, not having reliance on proprietary integrations or even internet, and really removing all non-essential network integrations, then definitely worth a try!

¹: A surprising amount of people think (or at least write online) that a browser that doesn’t block user requests completely aligned with the Google SafeBrowsing blocklists is unsafe and that doing those syncs is an essential feature. If you think this is the only safe default option in 2026 I’m sorry but please consider uBlock Origin. See how opinions on who to trust can affect what “most secure” means. Konform Browser removes many assumptions of trust. But not all; Everyone still comes with an assumed PKI after all and there exists a default for DNS.

²: Since it’s ESR base it means new feature updates from Mozilla ~yearly instead of ~monthly. Still receiving security updates on the rapid schedule. No AI features out of the box.